<?php
//all database operations
	class DB
	{
	public  $db_conn;
	//public final $discount_per_level=0.05;
	function __construct()
	{
		//connect to database and choose "eshop" database
	 	$database_username="devel";
		$database_psaaword="Oracle2011!";
		$database_name="eshop";
		$this->db_conn=mysql_connect("localhost", $database_username, $database_psaaword)or die ("Could not connect:".mysql_error());
		mysql_select_db($database_name,$this->db_conn)or die ("can not use database:".mysql_error());
		mysql_query("set names utf8");
	}
	function __destruct()
	{
	// close database connection
	    if($this->db_conn!="")
			{
			mysql_close($this->db_conn)or die ("ERROR:".mysql_error());
			}
	}
	
	// return whether a specific name exists
	function Is_exist($userName)
	{
		
			$result=mysql_query("SELECT * FROM user WHERE userName='".$userName."'",$this->db_conn);
			
			if($row = mysql_fetch_object($result)) {
				return true;
			}
			else
				return false;
	}
	
	// check whether a specific name and password is matched
	function Verify($userName,$pwd)
	{
	$sql = "SELECT * FROM user WHERE userName='".$userName."' AND password='".$pwd."'";
			$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
			if($row = mysql_fetch_object($result))  
			{	
				return true;
			}
			else
				return false;	
	}
	
	//load all users from database
	function load_users()
		{
			$sql = "SELECT * FROM user";
			$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
			$final_result=array(); 
			while($row=mysql_fetch_array($result))
			{
				$final_result[]=$row;
			}
			return $final_result;
		}
			
	function get_user_limit($start,$perPage)
	{
		    $sql = "SELECT * FROM user limit $start,$perPage";
			$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
			$final_result=array(); 
			while($row=mysql_fetch_array($result))
			{
				$final_result[]=$row;
			}
			return $final_result;	
	}

	function get_uid_info($uid)
	{
		$sql="select * from user where uid=".$uid;
		$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}	
	

	function get_userName_info($name)
	{
		$sql="select * from user where userName='".$name."'";
		$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result[0];
	}
	
	
	function delete_uid($uid)
	{
		$sql="DELETE from user where uid=$uid";
		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$sql="DELETE from `order` where uid=$uid";
		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$sql="DELETE from message where uid=$uid";
		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$sql="delete from designlist where uid = $uid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
	}
	
	
	function get_all_product()
	{
		$sql="select * from product";
		$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	
	function get_pid_product($pid)
	{
		$sql="select * from product where pid='".$pid."'";
		$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	
	function get_type_product($type)
	{
		$sql="select * from product where type='".$type."'";
		$result = mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	

	
	function get_meta_product($meta)
	{
		$meta_s=preg_split("/[\s,]+/",$meta);
		$i=0;	
		for($i=0;$i<count($meta_s);$i++){
		$sql="select * from product where meta REGEXP '[\s]?".$meta_s[$i]."[\s]?'";
		$result[$i]=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		}
		$temp=array();
		$final=array();
		$pid_count=array();
		for($i=0;$i<count($result);$i++)
		{
			while($row = mysql_fetch_array($result[$i])){
		     $pid_count[$row["pid"]]++;
		     if(!array_key_exists($row["pid"], $temp))
		     {
		     	$temp[$row["pid"]]=$row;
		     }
			}
		}
		arsort($pid_count);
		//return$pid_count;
		$sorted_keys=array_keys($pid_count);
		for($i=0;$i<count($sorted_keys);$i++)
		{
			$final[]=$temp[$sorted_keys[$i]];
		}
		return $final;
	}
	
	
	function get_date_product($date)
	{
		$sql="select * from product where onTime='".$date."'";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	
	function get_recommend()
	{
		$sql="select * from recommend";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	function get_rid_row($rid)
	{
		$sql="select * from recommend where rid=$rid";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result[0];	
	}
	
	function update_recommend($rid,$newPid,$newPic)
	{
		$sql="update recommend set pid=$newPid where rid=$rid";
		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		if($newPic["name"]!=""){
		$newname = iconv('utf-8','gbk',"../Image/Hot/$rid.jpg");	
    	move_uploaded_file($newPic['tmp_name'], $newname);
		}
	}
	
	function Add_recommend($newPid,$newPic)
	{
		$sql="insert into recommend(pid) values($newPid)";
		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$sql="select * from recommend";
    	$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	mysql_data_seek($result, mysql_num_rows($result)-1);
    	$row=mysql_fetch_array($result);
		$newname = iconv('utf-8','gbk',"../Image/Hot/".$row["rid"].".jpg");	
    	move_uploaded_file($newPic['tmp_name'], $newname);
		
	}
	
	
	function get_newly($n)
	{
		if($n<=0)return null;
		$final_result=array();
		$sql="select * from product ORDER BY onTime DESC";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
	while($row=mysql_fetch_array($result))
	{
		
		$final_result[]=$row;
		$n--;
		if($n==0)
		break;
	}
		return $final_result;	
	}
	
	
	function get_all_orders()
	{
		$sql="select * from `order`";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	
	function get_state_order($state)
	{
		$sql="select * from `order` where state=".$state;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	
	function get_date_order($date)
	{
		$sql="select * from `order` where date LIKE '".$date."%";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;	
	}
	

	
	function get_uid_order($uid)
	{
		$sql="select * from `order` where uid=".$uid;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	
	function get_pid_order($pid)
	{
		$sql="select * from `order` where pid=".$pid;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
	
	function get_pid_message($pid)
	{
		$sql="select * from message where pid=".$pid;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
	}
	
   
    function  get_tid_types($tid)
    {
    	
    	$sql="select * from type where tid=$tid";
    	//$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	//$exist=false;
		//while($row=mysql_fetch_array($result))
		//{
		//	$exist=true;
		//}
		//if(!$exist){
		//$unknownType=$this->get_name_tid("undefined", "s");
		//$tid=$unknownType;
		//}
    	//$sql="select * from type where tid=".$tid;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
    }
    
    
    function  get_parent_types($parent)
    {
    	$sql="select * from type where parent=".$parent;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		return $final_result;
    }
    
	
	function get_pid_sold($pid)
	{
		$sql="select sum(count) from `order` where pid=".$pid." and state<>1";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		if(!isset($final_result[0][0]))
		$final_result[0][0]=0;
		return $final_result[0][0];
	}
	
	
	function get_pid_score($pid)
	{
		$sql="select AVG(score) from message where pid=".$pid;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		if(!isset($final_result[0][0]))
		$final_result[0][0]=0.0;
		return $final_result[0][0];
	}
	
	
	function get_pid_messageNum($pid)
	{
		$sql="select count(*) from message where pid=".$pid;
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		$final_result=array(); 
		while($row=mysql_fetch_array($result))
		{
			$final_result[]=$row;
		}
		if(!isset($final_result[0][0]))
		$final_result[0][0]=0;
		return $final_result[0][0];
	}
	
    function get_best_sold($n)
    {
    $sql="select pid,sum(count) from `order` where state<>1 GROUP BY pid ORDER BY sum(count) DESC";	
    $result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
	$final_result=array(); 
	while($row=mysql_fetch_array($result))
	{
		$one=$this->get_pid_product($row["pid"]);
		$final_result[]=$one[0];
		$n--;
		if($n==0)
		break;
	}
	return $final_result;
    }
    
    
    function insert_message($pid,$uid,$content,$score)
    {
    	$date=date("YmdHi");
    	$sql="insert into message(pid,uid,content,date,score) 
    	values ("
    	.$pid.","
    	.$uid.",'"
    	.$content."','"
    	.$date."',"
    	.$score.")";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    }
    
    
    function get_desc_announcement()
    {		
		$sql="select * from announcement ORDER BY date DESC";
		$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
	while($row=mysql_fetch_array($result))
	{		
		$final_result[]=$row;
	}
		return $final_result;
    }
    
   
    function get_aid_announcement($aid)
    {
    	$sql="select * from announcement where aid=".$aid;
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result;
    }
    
    
    function get_bigClass_smallClass()
    {
    	$final_result=array();
    	$b_class=$this->get_parent_types(0);
    	$i=0;
    	while(isset($b_class[$i]))
    	{
    		//$b_class=$this->get_tid_types($tid+1);
    		//echo $b_class[0];
    		//exit();
    		$final_result["".$b_class[$i]["name"]]=$this->get_parent_types($b_class[$i]["tid"]);
    		$i++;
    	}
    	return $final_result;
    }
    
    
    function search_sort($search_results,$b_tid,$s_tid,$low_price,$high_price)
    {
    	if($low_price=="")
    	{$low_price=-999999999;}
    	if($high_price=="")
    	{$high_price=999999999;}
    	if($b_tid=="")
    	{$b_tid=0;}
    	if($s_tid=="")
    	{$s_tid=0;}
    	$final_result=array();
    	
    	$i=0;
		while(isset($search_results[$i])){
		if(!($low_price==$high_price&&$high_price==0))
    	{
    	  if($low_price<=$high_price&&($search_results[$i]["act_price"]>$high_price||$search_results[$i]["act_price"]<$low_price))
         {$i++;continue;}
    	}
        
         if($b_tid!=0)
         {
         	if($s_tid==0)
         	{
         		$self_type=$this->get_tid_types($search_results[$i]["type"]);
         		if($self_type[0]["parent"]!=$b_tid)
         		{$i++;continue;}      		
         	}
         	else {
         	if($search_results[$i]["type"]!=$s_tid)
         		{$i++;continue;}   
         	}
         }
         $final_result[]=$search_results[$i];
         $i++;
		}
    	return $final_result;
    }
    
   
    function get_name_tid($name,$s_or_b)
    {
    	if($name=="")
    	return null;
    	if($s_or_b=="s")
    	{
    	$sql="select * from type where name='".$name."' and parent<>0";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		return $row["tid"];
		}
    	}
    	if($s_or_b=="b")
    	{
    	$sql="select * from type where name='".$name."' and parent=0";
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		return $row["tid"];
		}
    	}
    	return null;

    }
    
    function update_admin_pwd($new1)
    {
    	$sql="update user set password='".$new1."' where userName='admin'";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    }
    
  
    function update_cart($oid,$count,$should,$pid,$old_count)
    {
    	$delta=$old_count-$count;
    	$sql="update `order` set count=$count where oid=$oid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update `order` set should_pay=$should where oid=$oid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set count=count+($delta) where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    }
    
    
    function get_uid_carts($uid)
    {
    	$sql="select * from `order` where state=1 and uid=".$uid;
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result;
    }
    
   
   // function clear_cart($uid)
   // {
    //	$sql="delete from `order` where uid=".$uid;
    	//mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
   // }	
    
    
    function delete_oid_order($oid)
    {
    	$theOrder=$this->get_oid_order($oid);
    	$pid=$theOrder["pid"];
    	$count=$theOrder["count"];
    	$sql="delete from `order` where oid=".$oid;
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set count=count+$count where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    }
    
    
    function get_shop_message($startNum,$messagePerPage)
    {
    	$sql="select * from message where pid=0 limit $startNum,$messagePerPage";
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result;
    }
    
   
    function get_productId_message($pid,$startNum,$messagePerPage)
    {
    	$sql="select * from message where pid=$pid limit $startNum,$messagePerPage";
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result;
    }
    
   
    function add_to_cart($uid,$pid,$pCount,$should)
    {
    	$Aproduct=$this->get_pid_product($pid);
  		$price=$Aproduct[0]["act_price"]; 	
    	$sql="insert into `order`(uid,pid,price,p_name,count,state,should_pay,order_date) values($uid,$pid,$price,'".$Aproduct[0]['p_name']."',$pCount,1,$should,'".date("YmdHi")."')";
    	//echo $sql;
    	//exit();
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set count=(count-$pCount) where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    }
    
   
    function get_sort_orders($meta,$updown,$start,$perPage)
    {
    	$sql="select * from `order` order by $meta $updown limit $start,$perPage";
    	//echo $sql;
    	//exit();
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result;
    }

   
    function get_number_of_order()
    {
    	$sql="select count(*) from `order`";
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result[0][0];
    }
    
    
    function get_oid_order($oid)
    {
        $sql="select * from `order` where oid=$oid";
        if($oid=="")
        {
        	return null;
        }
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result[0];
    }
    
    function saveOrder($oid,$pid,$count,$should,$state,$oldcount)
    {
    	$delta=$oldcount-$count;
    	$sql="update `order` set count=$count where oid=$oid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update `order` set should_pay=$should where oid=$oid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set count=count+($delta) where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error()); 
    	$sql="update `order` set state=$state where oid=$oid"; 	 
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error()); 	
    	if($state==2)
    	{
    		$date=date("YmdHi");
    		$sql="update `order` set pay_date='".$date."' where oid=$oid";
    		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	}
    	if($state==1)
    	{
    		$sql="update `order` set pay_date='201212312359' where oid=$oid";
    		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	}
    	if($state==3||$state==4)
    	{
    		$date=date("YmdHi");
    		$sql="update `order` set pay_date='".$date."' where oid=$oid and pay_date='201212312359'";
    		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	}
    }
   
    function get_sort_product($startCount,$numPerPage)
    {
    	$sql="select * from product limit $startCount,$numPerPage";
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result;
    }
    
    function delete_pid($pid)
    {
    	$theProduct=$this->get_pid_product($pid);
    	$theType=$this->get_tid_types($theProduct[0]["type"]);
    	$sql="delete from product where pid = $pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="delete from message where pid = $pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="delete from `order` where pid = $pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="select * from recommend where pid = $pid";
    	$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="delete from recommend where pid = $pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="delete from designlist where pid = $pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	
    	//删除商品预览图
    	if(file_exists("../Image/product_img/$pid.jpg")){
   			unlink("../Image/product_img/$pid.jpg");
 		 }
 		 //删除flash
 		if($theType[0]["name"]=="Floor"){
    		if(file_exists("../flash/mode/floor/$pid.png")){
   			unlink("../flash/mode/floor/$pid.png");
 		 	}
 		 }else {
 		 	if(file_exists("../flash/mode/furniture/$pid.swf"))
 		 	{
 		 		unlink("../flash/mode/furniture/$pid.swf");
 		 	}
 		 }
 		 //删除横幅，如果有的话
    while($row=mysql_fetch_array($result))
		{		
		//$final_result[]=$row;
		
 		 if(file_exists("../Image/Hot/".$row["rid"].".jpg"))
 		 {
 		 	unlink("../Image/Hot/".$row["rid"].".jpg");
 		 }
		}
	
    }
   
    function saveProduct($pid,$ori_price,$act_price,$count,$onTime,$s_tid,$picurl,$meta,$introduction,$swfurl)
    {
    	$theProduct=$this->get_pid_product($pid);
    	$theOldType=$this->get_tid_types($theProduct[0]["type"]);
    	$theNewType=$this->get_tid_types($s_tid);
    	$sql="update product set ori_price=$ori_price where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set act_price=$act_price where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set count=$count where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set onTime='".$onTime."' where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set type=$s_tid where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	if($picurl["name"]!="")//修改预览图片
    	{
    	$newname = iconv('utf-8','gbk',"../Image/product_img/".$pid.".jpg");	
    	move_uploaded_file($picurl['tmp_name'], $newname);
    	}
    	$sql="update product set meta='".$meta."' where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="update product set introduction='".$introduction."' where pid=$pid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	
    	if($swfurl["name"]!="")
    	{
    	//删除flash
    	if($theOldType[0]["name"]=="Floor")
    	{
    	if(file_exists("../flash/mode/floor/$pid.png")){
   			unlink("../flash/mode/floor/$pid.png");
 		 	}
 		 }else {
 		 	if(file_exists("../flash/mode/furniture/$pid.swf"))
 		 	{
 		 		unlink("../flash/mode/furniture/$pid.swf");
 		 	}
 		 }
 		 //添加flash
 		 if($theNewType[0]["name"]=="Floor")
 		 {
 		 	$newname = iconv('utf-8','gbk',"../flash/mode/floor/".$pid.".png");	
    		move_uploaded_file($swfurl['tmp_name'], $newname);
 		 }
 		 else {
 		 	$newname = iconv('utf-8','gbk',"../flash/mode/furniture/".$pid.".swf");	
    		move_uploaded_file($swfurl['tmp_name'], $newname);
 		 }
    	}
    }
    
    
    function AddProduct($p_name,$ori_price,$act_price,$count,$onTime,$s_tid,$picurl,$meta,$introduction,$swfurl)
    {
    	
    	$sql="insert into product(p_name,ori_price,act_price,count,onTime,type,meta,introduction)
    	       values('".$p_name."',".$ori_price.",".$act_price.",".$count.",'".$onTime."',".$s_tid.",'".$meta."','".$introduction."')";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	$sql="select * from product";
    	$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	mysql_data_seek($result, mysql_num_rows($result)-1);
    	$row=mysql_fetch_array($result);
    	$theSType=$this->get_tid_types($s_tid);
    	if($picurl["name"]!="")
    	{
    	$newname = iconv('utf-8','gbk',"../Image/product_img/".$row["pid"].".jpg");	
    	move_uploaded_file($picurl['tmp_name'], $newname);
    	}
    	if($theSType[0]["name"]!="Floor"){
    	$newname="../flash/mode/furniture/".$row["pid"].".swf";
    	$newname=iconv('UTF-8','GB2312',$newname);
    	}else
    	{
    	$newname="../flash/mode/floor/".$row["pid"].".png";
    	$newname=iconv('UTF-8','GB2312',$newname);
    	}
    	move_uploaded_file($swfurl['tmp_name'],$newname);
    	
    	
    	//rename($swfurl, $newname);
    }
    
    function update_tid_name($tid,$newName){
    	$sql="update type set name='".$newName."' where tid=$tid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	
    }
   
    function delete_tid($tid)
    {
      $sql="delete from type where tid=$tid";
      mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
      //$sql="delete from product where type=$tid";
      //mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());	
    }
    
    function search_paging($search_results,$startCount,$numPerPage)
    {
    	$final=array();
    	for($i=0;$i<$numPerPage;$i++)
    	{
    		if($startCount+$i+1>count($search_results))
    		break;
    		
    		$final[]=$search_results[$startCount+$i];
    	}
    	return $final;
    }
   
    function uid_order_paging($orders,$startCount,$numPerPage)
    {
    	$final=array();
    	for($i=0;$i<$numPerPage;$i++)
    	{
    		if($startCount+$i+1>count($orders))
    		break;
    		
    		$final[]=$orders[$startCount+$i];
    	}
    	return $final;
    }
    
    function AddType($name,$parent)
    {
    	$sql="insert into type(name,parent) values('".$name."',$parent)";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());	
    }
    
    function update_tid_parent($tid,$parent)
    {
    	$sql="update type set parent=$parent where tid=$tid";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());	
    }
    function delete_rid($rid)
    {
      $sql="delete from recommend where rid=$rid";
      mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
      //删除横幅
      if(file_exists("../Image/Hot/$rid.jpg"))
      {
      	unlink("../Image/Hot/$rid.jpg");
      }
      	
    }

    function pay_uid_cart($uid)
    {
    	$carts=$this->get_uid_carts($uid);
    	$i=0;
    	while(isset($carts[$i])){
    		$oid=$carts[$i]['oid'];
    		$sql="update `order` set state=2 where oid=$oid";
    		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    		$date=date("YmdHi");
    		$sql="update `order` set pay_date='".$date."' where oid=$oid";
    		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    		$delEXP=($carts[$i]['price']/100)*$carts[$i]['count'];
    		$delEXP=number_format($delEXP,0,'.','');
    		$sql="update user set exp=exp+$delEXP where uid=$uid";
    		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    		$sql="update user set level=exp/100 where uid=$uid";
    		mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    		$i++;
    	}
    	
    }
    function get_uid_decorate($uid)
    {
    	$sql="select * from designlist where uid=$uid";
    	$final_result=array();
		$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
		while($row=mysql_fetch_array($result))
		{		
		$final_result[]=$row;
		}
		return $final_result;
    	
    	
    }
    function add_to_designList($uid,$pid)
    {
    	$sql="select * from designlist where uid=$uid and pid=$pid";
    	$result=mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	if(mysql_num_rows($result)==0){
    	$sql="insert into designlist(uid,pid) values($uid,$pid)";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	}
    
    }
    function delete_did($did)
    {
    	$sql="delete from  designlist where did=$did";
    	mysql_query($sql,$this->db_conn) or die("ERROR:".mysql_error());
    	
    }
    function designList_to_cart($user,$discount,$pids)
    {
    	$i=0;
    	$level=$user["level"];
    	while(isset($pids[$i]))
    	{
    		$theProduct=$this->get_pid_product($pids[$i]);
    		$act_price=$theProduct[0]["act_price"];
    		$should=$act_price*(1-$discount*$level);
            $this->add_to_cart($user["uid"], $pids[$i], 1, $should);
            $i++;
    	}
    }

}
?>